DEC. 8.2005 2:36PM ZILKA-KOTAB, PC 

-2- 



NO. 1190 P. 9 



TN THE CLAIMS: 
Amended claims follow; 

1. (Cuirently Amended) A load balancing device for balancing the load across a 
pluraUty of proxy devices arranged to perfoim malware scanning of files stored within a file 
storage device of a computer network, the computer network having a pluiality of client 
devices arranged to issue access requests using a dedicated file access protocol to the file 
storage device in order to access files stored on the file storage device, the load baJancing 
device being arranged so as to intercept access requests issued to the file storage device, and 
comprising: 

a client interfece for receiving an access request issued to ttie file storage device 
using the dedicated file access protocol; 

load balancing logic for applying a predetemiined load balancing routine to 
drternnne to \vbich proxy device to direct that access request; and 

a proxy device interface for sending the access request to flie proxy device 
determined by the load balancing logic, each proxy device being coupled to flie file storage 
device^ 

w>ierein said pmrv devices a re arranged to perform said malwRTB scanninp; ftf 
files stored within the file storage device, and tiie l o ad balancing device detennines to 
which of said plurality of proxv devices to direc t anv particular access request; 
wherein each proxy device, comprises: 

fn ) a first interface for receiving from the l oad balancing device an 
access request issued bv one of said client device s tn said file storage device 
jisin g the dedicated file access protocol; 

a secrind interface for conmiunicarine with the file storage device to 
ftaiiae the file storage device to process the a ccess request: 
(r- ^f p rncRssinf^ loeio for causing selected malware sc anning algorithms to 
hft executed to determine whether the file identifi ed hv die access request is 
to he considered as malware; 
wherein, unon receipt of an access request th e processing logic is airangedJa 
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H^t^rmine frnin the access reaue. >^ p r^H^t^ined attributes. mA to send those predetermifi^ 
^ttnhnt^fi fn the file St orage device to ( ^ ^le the file Storage device to pftrfqm) a vaHdation 
nh6r.k. the processip ^ lo ^ic onlv a^U owiTi g the access reques t t o pr oceed if the file storage 
H^rft coTifiTins that the client devi^ fi ifl allowed to access the file identified by the file 
access request; 

wherein a user cache is utilized for storing th e medetenpiTied attributes. 

2. (Original) A load balancing device as claimed in Claim 1 , wherein the dedicated file 
access protocol is the Server Message Block (SMB) protocol, and the access requests are 
SMB calls issued to the file storage device. 

3. (Original) A load balanciog device as claimed in Claim 1, wherein the dedicated file 
access protocol is the Network File System (NFS) protocol, and the access requests are NFS 
calls issued to the file storage device. 



4. (Original) A load balancing device as claimed in Claim 1, wherditt said load 
balancing routine is ananged, upon receipt of an access request, to poll each of the plurality 
of proxy devices, and to cause the access request to be sent to the first proxy device in said 
pluitdity that replies wilii an indication ttiat it is available to handle the access request 

5. (Original) A load balandng device as claimed in Claim 1, wherein said load 
balancing routine is arranged to apply a "round robin" system of aUocation of access 
requests to proxy devices in said phiraJity so as to evenly distribute the access requests 
amongst ttie plurality of proxy devices. 

6. (Original) A load balancing device as claimed in Claim 1, wherein the proxy device 
interface is arranged to receive a ready signal from each proxy device in said plurality 
indicating whether that proxy device is ready to receive an access request, the load 
balancing routine being arranged to refer to said ready signals when determimng to which 
proxy device to direct a particular access request 
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7. (Original) A load balancing device as claimed in Claim 1, whereiii each device in 
the computer network is assigned an identifier, and «ie load balancing device is assigned flie 
same identifier as is assigned to the file storage device, the oUent interface being cotoectable 
to a commimication infirastructure of the computer network to enable communication 
between the load balancing device and said client devices, whilst the plurality of proxy 
devices are connectable to the proxy device mterface and die file storage device is 
connectable to each proxy device, such that the file storage device is only accessible by said 
client devices via said load balancing device and one of said proxy devices. 

8. (Original) A load balancing device as claimed in Claim 7, wherein a pluraHty of file 
storage devices maybe connected to each of said proxy devices, each file storage device 
having a diflferent identifier, and the load balancing device being assigned multiple 
identifiers coiresponding to the identifiers of the file storage devices connected to the 
plurality of proxy devices, the cUent interfece being configured to receive any access 
requests issued to one of said file storage devices connected to the plurality of proxy 
devices. 

9. (Original) A load balancing device as claimed in Claim 1, -wherein each device in 
the computer network is assigned an identifier, the load balancing device being assigned a 
unique identifier different to the identifier of the file storage device, the cUcnt devices, the 
load balancing device and the file storage device being connectable to a communicatiOT 
infrastructure of die computer network, the client devices being configured such that access 
requests issued by the client devices are routed to the load balancing device, and the file 
storage device being configured to return each processed access request to the proxy device 
from which that access request was received. 

10. (Cancelled) 

m 

1 1 . (Currently Amended) A balanced proxy system as claimed in Claim 1 [0], wherein 
the processing logic is responsive to configuration data to determine which malware 
scanning algorithms should be selected for a particular file, estch proxy device fiirther 
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comprising a scanning engine to execute themalware scanning algoiilbms selected by the 
processing logic. 

1 2. (Currently Amended) A balanced proxy system as claimed in Claim 1 [0], wherein 
each proxy device forther compiises a file cache for storing files previously accessed by the 
client devices, upon receipt of an access request identifying a file to be read ftom the file 
storage device, the processing logic being arranged to determme whether the file identified 
by the access request is stored in the file cache and if so to return the file to the client device 
via the load balancing device without communicating with the file storage device via the 
second interface. 

13. (Original) A balanced piray system as claimed in Claim 12, v4iOTeitt the file cache 
is arranged only to store files which have been detennined not to be considered as malware. 



l4.-15.(Cancened) 

16. (Cunently Amended) A method of operating a load balancing device to balance the 
load across a plurality of proxy devices arranged to pttform noalwaie scanning of files 
stored within a file storage device of a con^juter network, the computer nrtwork having a 
plurality of client devices arranged to issue access requests using a dedicated file access 
protocol to ihe file storage device in order to access files stored on the file stora^ device, 
fhe load balancing device being arranged so as to intercept access requests issued to the file 
storage device, and flie metibiod comprising ttie steps of: 

(a) receiving an access request issued to the file storage device using the dedicated file 

access protocol; 

(b) applying a predetermined load balancing routine to detannine to which proxy device 
to direct that access request; and 

(c) sending tiie access request to die proxy device determined at said step (b), 
each proxy device being coupled to the file storage device; 

wherein said oroxv devices are arranged to perform said tnalw are scanning of 
files stored within the file storage device, and the load balancing device determines tO 
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which of said plurality of proxy devices to direct anv parrinilar acoeSS feq^egt; 
wherein each proxy device comprises: 

Ca') a first interface for receiving from the load baiaTicing device an 
access request iii.<»^^ hv one of said cUent de vices to said file Storage deivice 
^^«|!f^]p ; the dedicated filft access protocol: 

(h^ a second interface for commimicad Tip with the file storage device to 
cause the file storage device to p rocess the access re<Juest 
(c\ processing logic for earning sele r-tfid malware scamiing algorithms to 
he executed to determine w ftether the file identified bv the access requg$t is 
trt he considered ae malw^re- 
whftTFiiTi. imon receipt of an access rf -g nest the processing logic is arranged to 
detennine fiom thft access reflues t predfitermined attrihutes, and to send those predetennined 
attributes to the file stnraae device to enable the file storage devicfi to t^eiform a validation 
chedc &e tster i-^Anf to pic onlv allowing t h e access reoufest to nroceed if the file stoi;afie 
^^^if rrmfir ms that flie cKent device is all o wed to access the file identified by ^9 ffl? 
access request: 

whefain a user cache is utilized far storing the predtrtermined attributes. 

17. (Origindl) A method as claimed itt Claim 16, wherein the dedicated file access 
protocol is the Server Message Block (SMB) protocol, and the access requests are SMB 
calls issued to the file storage device. 

1 8. (Original) A method as claimed in Claim 16, wherein the dedicated file access 
protocol is the Network File System (NFS) protocol, and the access requests are NFS calls 
issued to the file storage device. 

19. (Ori^al) A method as claimed in Claim 16, wherein said load balancing routine is 
arranged, upon receipt of an access request, to poll each of the plurality of proxy devices, 
and to cause the access request to be seftt to the first proxy device in said plurality that 
rqplies with an indication diat it is available to handle the access request 
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20. (Original) A method as olaimed in Claim 16, wherein said load balancing noutine is 
arranged to apply a "round robin" system of allocation of access requests to proxy devices in 
said plurality so as to evenly distribute the access requests amongst the plurality of proxy 
devices. 

21 . (Original) A method as claimed in Claim 16, wherdn the load balancing device is 
arranged to receive a ready signal fiom each proxy device in said plurality indicatmg 
•nliether that proxy device is ready to receive an access request, the load balancing routine 
being arranged to refer to said ready signals when determining to which proxy device to 
direct a partictilar access request 

22. (Original) A method as claimed in Claim 16, wherein each device in the computer 
network is assigned an identifier, and the load balancing device is assigned the same 
identifier as is assigned to the file stowage device, the m^od comprising the steps of: 

connecting a cliait interfisce of flie load balancing device to a communication 
infiasttuctore of the compute network to raiable camraunication between the load balancing 
device and said client devices; 

connecting the plurality of proxy devices to A proxy device ittterfece of tiie load 

balancing device; and 

cOTcnecting the file storage device to each proxy device, such that the file storage 
device is only accessible by said client devices via said load balancing device and one of 
said proxy devices. 

23. (Original) A method as claimed in Claim 22, wherein a plurality of file storage 
devices may be connected to each of said proxy devices, each file storage device having a 
different identifier, and the load balancing device being assigned multiple identifiers 
coiresponding to the identifiers of the file storage devices connected to the plurality of proxy 
devices, the cUent interface being configured to receive any access requests issued to one of 
said file storage devices coimected to die plurality of proxy devices. 

24. (Original) A method as claimed in Claim 16, wherein each device in the computer 
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network is assigned an identifier, the load balancing device being assigned a unique 
identifiCT different to the identifier of the file stonage device, the method coraprismg the 
steps of: 

connecting the client devices, the load balancing device and the file storage device to 
a conununication infirastmcture of the computer networlq 

configuring the client devices such that access requests issued by the cUent devices 
are routed to the load balancing device; and 

configuring the file storage device to return each processed access request to the 
proxy device fiom which that access request was received, 

25. (Cancelled) 

26. (Omently Amended) A method as claimed in Claim [25]i6, whsrem said step (iii) 

comprises the steps of: 

responsive to configuratioii data, detecmining which malware scanning algotiflmis 

should be selected for a particular file; and 

employing a scanning engine to execute the malwaie scanning algorithms selected 
by said determirung step- 

27. (Currently Amended) A method as claimed in Claim [25]14 wherein each proxy 
device is arranged to perform the further stqjs of: 

storing within a file cache files previously accessed by the client devices; 

upon receipt of an access request identifying a file to be read from the file storage 
device, determining whether die file identified by the access request is stored in the file 
cache and if so to return die file to the client device via the load balancing device without 
communicating with the file storage device. 

28. (Qri^nal) A method as claimed in Claim 27, whwein the file cache is arranged only 
to store files which have been detemiined not to be considered as malware. 

29. -30. (CanceUed) 
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31. (Currently Amended) A computer program embodied in a oomputer-xeadable 
medium for configuring a load balancing device to perfonn a method of balancing the load 
across a plurality of proxy devices arranged to perform malware scanning of files stored 
within a file storage device of a computer network, the computer network having a plurality 
of client devices arranged to issue access requests using a dedicated file access protocol to 
the file storage device in order to access files stored on the file storage device, the load 
balanomg device being anranged so as to intercept access requests issued to the file storage 
device, and the computer program embodied in a computer-readable medium comprising: 

(a) client interface code operable to receive an access request issued to the file storage 
device using the dedicated file access protocol; 

(b) load balancing code operable to apply apredetennined load balancing routine to 
detenninc to v<*ich proxy device to direct that access request; and 

(c) proxy device interface code operable to send the access request to the piaxy device 
detennined by the load balancing logic, each proxy device brang coupled to Ae file storage 
device; 

wfte^in saidnroxv devices are mx anped to nerffarm said malware scanning flf 
files stored wi*liiti the file storage de^ce. balancing device dfttermiTlCff tO 

which of said pluralitv of oroxv devices to direct anv particular access rcQUest; 
wherein each m oacv device eomnrises: 

f a> a first interfiice fo r receiving fi-om the load balancing device ao 
access re quest issued bv one of sa id client devices to said file storage device 
using the dedicated file access protocoli 

(b) a second interface for communicating with the fi le storage device to 
cause the file storage device to process t he access request; 

(c ) processing logic for causing selected ip alwarp. srannm^ alporitbms to 
he executed to determine whether the file identifi ed bv the access request is 
to be considered as malware^ 

wherein, upon receipt of an access request, the pro cessing logic is arranged to 
determine from the access request predetermined a ttributes, and to send those predetermined 
attributes to the file storage device to enable the file stor age device to nerfoim a vahdation 



PAGE 16/26 ' RCVD AT 1218/2005 S:2S:37 PM [Eastern Standard Time] * SVR:USPTO-EF}(RF-6/30 ' DNIS:2738300 * CSiD:4089714660* DURATION (mm-ss):08-22 



DEC. 8.2005 2:38PM ZILKA-KOTAB, PC 

-10- 



NO. 1190 P. 17 



cherk. the Drocesstag logic onl y allnwing Ifae access request to proceed if the ffle stxa a S S 
device cQpfirms tliat the client de ^ c.p. is allowed to access the file identifie^^ W tfre filq 
y:cess request; 

tyherein a user cache is utilized fo r storing flie predeteTmtned atttftmte^- 

32. (Previously PresentetO A computer program embodied in a computw-readable 
medium as claimed in Claim 31, wherein the dedicated file access protocol is the Server 
Message Block (SMB) protocol, and the access requests are SMB calls issued to the file 
storage device. 

33. (^teviaasfy Presented) A compute program embodied in a computer-readable 
medium as claimed in Claim 31, wherein the dedicated file access protocol is the Networic 
File System (NFS) protocol, and the access requests are NFS calls issued to the file storage 
device. 

34. (Previously Presented) A computer program embodied in a cojiq>utCT-readdble 
medium as claimed in Claim 31, wherein said load balancing routine is ananged, tq>on 
receipt of an access request, to poll each of the plurality of proxy devices, and 1© cause the 
access request to be sent to the first proxy device in said plurality fliat replies with an 
indication that it is available to handle flie access request. 

35. (Previously Presorted) A con^niter program embodied in a computer-readable 
medium as claimed in Claim 31, wherein said load balancing routine is anranged to apply a 
"round robin" system of allocation of access requests to proxy devices in said plurality so as 
to evenly distribute ttie access requests amongst the plurality of proxy devices. 

36. (Previously Presented) A computer program embodied in a computer-readable 
medium as claimed in Qaim 31, wherein the load balancing device is arranged to receive a 
ready signal from each proxy device in said plurality indicatLng whether that proxy device is 
ready to receive an access request, the load balancing routine being arranged to refer to said 
ready signals whai detemiimng to which proxy device to direct a particular access request 
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37. (Previously Presented) A computer program embodied in a computCT-readable 
medium as claimed in Claim 31, wherein each device in the computernetworic is assigned 
an identifier, and ihe load balancing device is assigned the same identifier as is assigned to 
the file storage device, a client interfece of the loadbalancing device being connectable to a 
commimicadon infiastmcture of the computer network to enable commuoication between 
the load balancing device and said cHent devices, whilst the plurality of proxy devices are 
connectable to a proxy device interface of flie load balancing device and the file storage 
device is connectable to each proxy device, such that the file storage device is only 
accessible by said client devices via said load balancing device and one of said proxy 
devices. 

38. (Previously Presented) A conqmtw program ranbodied in a computa: readable 
medium as daimed in Qaim 37, wherein aplurality of file storage devices be 
connected to each of said pnsxy devices, each file storage device having a different 
idwitifier, and the load balancing device bdng assigned multiple identifies coneqKHidmg to 
the identifiers of the file storage devices connected to the phirality of proxy devices, the 
dient interface code being operable to receive any access requests issued to one of said file 
storage devices connected to the plurality of proxy devices. 

39. (Previously Presented) A computer program embodied in a computer-readable 
medium as claimed in Claim 31, wherem each device in the computer network is assigned 
an identifier, the load balancing device being assigned a unique identifier different to the 
identifia- of the file storage device, the client devices, ttie load balancmg device and the file 
storage device being connectable to a communication infiastmcture of the computer 
network, the client devices being configured such that access requests issued by the chent 
devices are routed to the load balancing device, and the file storage device bdtag configured 
to return each processed access request to the proxy device fix>m which that access request 
was received. 

40. (Canceled) 
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41. (Cuircntly Amended) A computer program embodied in a computer-readable 
medium as claimed in Qaim [40]3L wherein said algorithm invoking code is operable to 
determiiie, lesponsive to configuration data, which malware scanning algorithms should be 
selected for a particular file, and the second computer program product fiirther comprises 
scanning engme code responsive to said algorithm invoJdng code and operable to execute 
the malware scanning algorithms selected by said algorithm invoking code. 

42. (Cunently Amended) A computer program embodied in a comptiCer-readable 
medium as claimed in Claim [40131. wherein said second computer program embodied in a 
con]{>uter-readable medium ftirthCT comprises: 

caching code operable to store within a file cache files previously accessed by the 

client devices; 

the reception code being operable, xspon receqjt of an access request identifying a 
file to be read fiom the file storage device, to detemmie whether the file identified by the 
access request is stored in ihe file cache and if so to letum the file to flie client device via the 
load balancing device without communicating with the file storage device. 

43. (Previously Presented) A computer program embodied in a computer-readable 
medium as claimed in Claim 42, wherein tiie file cache is arranged only to store files wMch 
have been detemiined not to be considered as malware. 

44. -45. (Cancelled) 
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